Added the possibility to give administrator rights to the user group at the portal via LDAP;

Updated the rules for LDAP users.

Version 2.5.1

Release date: 04/07/2018

LDAP

Fixed the Server internal error error when using the groups enclosed inside each other in the AD (bug #37414).

Single Sign-on

Fixed the issue when the user data between the Service Provider and the portal was transferred via HTTP only, even when HTTPS was enabled.

Version 2.4.0

Release date: 01/13/2018

Single Sign-on

Fixed the Invalid ssoConfig error which occurred when the link to the IdP contained the question mark '?', e.g.: IdP Single Sign-On Endpoint URL: https://accounts.google.com/o/saml2/idp?idpid=777777;

Fixed the Invalid authentication token error which prevented from adding a user to the portal using the AD FS, in case the + or - characters were present when sending the encrypted data.

Version 2.3.0

Release date: 12/15/2017

General

Added the changelog for Control Panel and link to it;

Fixed the bug when JWT parameters were not sent when updating Document Server(bug #36270);

Fixed the bug when Audit Trail heading was present at the login history page (bug #36026);

The current machine is now checked for being linked with the domain name for multiple portals.

LDAP

Fixed the bug with the LDAP Domain not found error which occurred if the DN record had no DC records (the users with Sun/Oracle DS were affected); now if the LDAP domain could not be specified, the LDAP domain will acquire the unknown value or the ldap.domain value from the web.appsettings.config configuration file;

Fixed the bug with the Sizelimit Exceeded error when trying to get more than 1000 users from the Active Directory;

Increased the login speed with the Group Membership setting enabled;

Added additional logging;

Fixed the bug with LDAP operation hanging when using Mono v5.2.0 and older;

Fixed the bug with the error when trying to login using the email address entered in the fields different from the Mail Attribute;

Fixed the bug occurring in the enclosed groups, when the users were displayed not in all groups.

Version 2.2.0

Release date: 10/31/2017

General

Added the documentserver-prepare4shutdown.sh script launch when updating the document-server for the correct edited document saving.

LDAP

Dramatically changed LDAP integration, migrated to the single library for the work with LDAP (Novell.Directory.Ldap.NETStandard, Nuget, MIT);

Login and email are now split into two separate fields;

Added the support for big data;

Increased the work speed via the LDAP protocol (the connection to the server and receiving the data is now made once per session, added the limits when only a certain number of results is necessary, fixed the slow login for bit data, removed the sorting out used to find the SID parameter);

Instead of re-creating a user with an unknown SID but an existing email the data is updated;

Added the attempt to save the correct UserName/Login in case a similar one is already taken on the portal.

Single Sign-on

Added the AD FS support;

Replaced the Single Sign-on link at the authorization page with the customizable button, added the button customization to the SSO setting of the Control Panel.

Version 2.1.0

Release date: 07/03/2017

HTTPS

Added the support of letsencrypt service for the domain certificate generation.

Single Sign-on

Added the new sso.auth service;

Added the new SSO settings page;

Added the support for Shibboleth.

Version 2.0.0

Release date: 05/25/2017

General

The Control Panel migrated from MVC to Node.js.

Version 1.6.0

Release date: 12/05/2016

LDAP

Added LDAP synchronization for users and groups when saving the settings, after login and using the Sync button;

Changed email formation for LDAP users;

Fixed the problem of creation of users with invalid emails;

Fixed the problem of duplicate users;

Added icons and hints to the users in the list for the admin;

Blocked for editing the user profile fields imported using LDAP;

Added the real LDAP password saving to the database during login in case LDAP Auth is disabled, now the LDAP users will become common portal users when LDAP Auth is disabled;

Added new API Settings method - Sync LDAP;

Added new translations;

Bug fixes.

Version for Windows

Made changes at the Update page for the Control Panel for Windows;

Updates are performed using the downloaded installation packages for each module.

The current installed component version numbers are obtained via API request to the Community Server.

The new versions available for download are obtained via the request to the http://download.onlyoffice.com/install/windows/updates.txt file, where all the latest component version numbers and links for their download are stored in the JSON format.

Introduction

Control Panel offers you the possibility to quickly and easily switch your portal to the secure HTTPS protocol.

This option is not currently available in the installation for Windows.

There are two ways to enable HTTPS for your portal via the Control Panel interface:

If you don't have any SSL certificates, you can generate a new signed certificate with one click. The Control Panel uses the letsencrypt.org service to generate the CA-signed certificates.

If you have an existing private key generated on your server and a public key certificate created on its base (self-signed or issued by a Certification Authority), you can simply upload them in the Control Panel.

View the information about self-signed and CA-signed certificatesHide the information about self-signed and CA-signed certificates

A self-signed certificate is signed by the same person who creates it. Such a certificate can be created using the OpenSSL toolkit, for example. Although self-signed certificates ensure a sufficient security level, they may cause some issues. E.g., when you access your portal, a security warning appears in a browser informing you that the certificate cannot be verified. They are also considered more vulnerable to the man-in-the-middle attacks. It's better to use self-signed certificates for testing purposes or on a server that can only be accessed from your local network.

A CA-signed certificate is signed by a trusted third party (Certification Authority, CA). Such certificates can be acquired from any SSL certificate provider you like. In most cases, to do that you need to generate a private key and CSR (Certificate Signing Request) using any preferred tool (OpenSSL, for example), then send the CSR to a Certificate Authority who will verify your identity and issue a signed certificate. In the case of such a certificate usage, the Certificate Authority verifies that the certificate is valid, so no security warnings will be displayed. Besides, a higher security level will be enabled for sensitive data.

To access Control Panel, sign in to your portal and click the 'Control Panel' link on the Start Page. Alternatively, you can go to the portal 'Settings' and click the 'Control Panel' link on the left-side panel.

Generate a new certificate

To generate a new certificate:

On the HTTPS page, click the GENERATE AND APPLY button. A popup message box will appear informing you that the certificate and private key are successfully generated.

After that your Control Panel and portal will be restarted and become unavailable during this process. It can take up to 5 minutes. Once the certificate installation process is over, your portal will be available over HTTPS.

To remove the installed certificate, use the DELETE button.

Upload an existing certificate and private key

To use an existing .crt certificate and private .key key:

On the HTTPS page, click the Plus button next to the CRT certificate field and select your .crt certificate to upload it.

Click the Plus button next to the HTTPS key field and select your private .key key to upload it.

Before uploading, please make sure that the private key is not encrypted. If you have a password-protected .key file, you will need to decrypt it first.

Once the .crt and .key files are uploaded, click the APPLY button at the bottom of the page.

After that your Control Panel and portal will be restarted and become unavailable during this process. It can take up to 5 minutes. Once the certificate installation process is over, your portal will be available over HTTPS. The domain name that your certificate was issued for is now displayed in the Generated on domain section of the HTTPS page in the Control Panel.

To remove the installed certificate, use the DELETE button.

Download
Host on your own server
Available for
Docker, Windows and Linux